Meraki

Community

About KhesarW

Re: MALWARE-CNC Win.Ransomware.Lockergoga binary download attempt

by in Security & SD-WAN
‎Nov 3 2022 1:37 PM
‎Nov 3 2022 1:37 PM
Hi @alemabrahao Yes we haveand awaiting response currently.    Thanks,  Khesar ... View more

Re: MALWARE-CNC Win.Ransomware.Lockergoga binary download attempt

by in Security & SD-WAN
‎Nov 3 2022 1:35 PM
‎Nov 3 2022 1:35 PM
Hi @BlakeRichardson- Thanks for your response. Yes, when we blocked the IP addresses the Win 11 upgrade stopped. Are you guys running Win 11 as well?   Thanks,  Khesar   ... View more

MALWARE-CNC Win.Ransomware.Lockergoga binary download attempt

by in Security & SD-WAN
‎Nov 3 2022 11:22 AM
‎Nov 3 2022 11:22 AM
Hi everyone,  New to Meraki and the community forum 😊.    We've been seeing this malware-cnc (MALWARE-CNC Win.Ransomware.Lockergoga binary download attempt) for a few weeks with the snort-rule Sid 1-4967. The MX Events show IDS Alert with the actions "blocked". When checking the source IP's they all appear to be affiliated with Microsoft. Events also transpired around the same time we pushed out Win 11 upgrades.    I was wondering if anyone else has been seeing these security events in their security center/affected by this and what actions were done to resolve this issue.    Any help greatly appreciated.    Sincerely,  Khesar ... View more
© 2024 Cisco Systems, Inc.